TPM 2.0 on Debian/Ubuntu
We are running one of the newest Intel NUCs with TPM 2.0 chip (what the vendor is, I haven't been able to figure out). At the moment I am just trying to load the drivers to get it visible to the system, but no dice so far
I have tried Linux Kernels 3.2, 3.16 and 4.2. According to kernelnewbies kernel 4.0 is when TPM 2.0 drivers were introduced.
My current steps to load drivers:
-
ls -la /lib/modules/`uname -r`/kernel/drivers/char/tpmto list available tpm drivers -
modprobe <items from above>. Plenty of people say that tpm_tis is the only thing they needed, but no dice for me - Checking
/sys/class/tpmon 4.* and/sys/class/misc/on 3.* for tpm0 hardware - Running
tcsd -fjust gives me a communication error - Triple checked the BIOS to see if TPM is enabled. It was actually enabled out of the box which apparently it isn't supposed to be?
Output of ls -la /lib/modules/`uname -r`/kernel/drivers/char/tpm:
total 248
drwxr-xr-x 3 root root 4096 Dec 10 18:38 .
drwxr-xr-x 7 root root 4096 Dec 10 18:38 ..
drwxr-xr-x 2 root root 4096 Dec 10 18:38 st33zp24
-rw-r--r-- 1 root root 10984 Nov 18 05:26 tpm_atmel.ko
-rw-r--r-- 1 root root 11760 Nov 18 05:26 tpm_crb.ko
-rw-r--r-- 1 root root 11160 Nov 18 05:26 tpm_i2c_atmel.ko
-rw-r--r-- 1 root root 14904 Nov 18 05:26 tpm_i2c_infineon.ko
-rw-r--r-- 1 root root 20816 Nov 18 05:26 tpm_i2c_nuvoton.ko
-rw-r--r-- 1 root root 24808 Nov 18 05:26 tpm_infineon.ko
-rw-r--r-- 1 root root 66552 Nov 18 05:26 tpm.ko
-rw-r--r-- 1 root root 15784 Nov 18 05:26 tpm_nsc.ko
-rw-r--r-- 1 root root 31624 Nov 18 05:26 tpm_tis.ko
-rw-r--r-- 1 root root 14072 Nov 18 05:26 xen-tpmfront.ko
Any additional steps / direction / tips would be greatly appreciated.
Update
I managed to get 4.4 kernel installed, it manages to load up drivers (I see tpm0 in /sys/class/tpm/tpm0 now). But running tcsd -f give me the following error:
TCSD TDDL ioctl: (25) Inappropriate ioctl for device
TCSD TDDL Falling back to Read/Write device support.
TCSD TCS ERROR: TCS GetCapability failed with result = 0x1e
Also to make sure that I have the latest version of Trousers I compiled that from source as well, still no dice. One thing I have noticed is that inside tpm0 there is no pcrs file
Solution 1:
I Think your tpm is working (check it with dmesg | grep -i tpm) but tpm-tools is only compatible with tpm 1.2 devices (source).
Some new projects exists, may they help us:
- IBM: http://sourceforge.net/projects/ibmtpm20tss/
- Intel: https://github.com/01org/TPM2.0-TSS
- TSS2 based tpm2-tools: https://github.com/01org/tpm2.0-tools